Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: bIJEo5bV95fnIBtg0JUkBBNb8Mtk6rQ5a7d5C3IgX1g=
Subject key identifier: 06:0B:BA:B8:8B:EB:53:86:12:C0:44:5B:AB:B2:31:84:46:AC:FD:09
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4D740F08403BC1247EDBA2B5DB5D3CD0B9BE9741
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
Signing time: Mon 15 Jun 2026 11:19:54 +0000
ROA not before: Mon 15 Jun 2026 11:14:54 +0000
ROA not after: Mon 14 Jun 2027 11:19:54 +0000
asID: 39521
IP address blocks: 82.21.58.0/24 maxlen: 24
82.21.112.0/24 maxlen: 24
82.21.116.0/24 maxlen: 24
82.21.126.0/24 maxlen: 24
82.21.165.0/24 maxlen: 24
82.22.143.0/24 maxlen: 24
82.22.157.0/24 maxlen: 24
82.22.186.0/24 maxlen: 24
82.23.188.0/24 maxlen: 24
82.23.191.0/24 maxlen: 24
82.47.198.0/24 maxlen: 24
82.47.199.0/24 maxlen: 24
82.47.200.0/24 maxlen: 24
82.47.201.0/24 maxlen: 24
82.47.205.0/24 maxlen: 24
84.75.189.0/24 maxlen: 24
84.75.190.0/24 maxlen: 24
84.75.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:74:0f:08:40:3b:c1:24:7e:db:a2:b5:db:5d:3c:d0:b9:be:97:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 15 11:14:54 2026 GMT
Not After : Jun 14 11:19:54 2027 GMT
Subject: CN=060BBAB88BEB538612C0445BABB2318446ACFD09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:a2:d9:2b:fe:14:05:72:39:19:6a:7e:56:a8:
ae:13:6e:ed:be:61:79:39:06:59:ac:b6:30:60:56:
72:b3:c6:2d:4c:b8:98:16:d8:dc:2d:d9:84:44:20:
32:c0:6c:f0:b1:8e:c2:e3:68:bd:b4:ae:7d:32:d0:
65:17:89:d3:b3:9c:1b:83:84:3d:8b:a2:b9:24:b8:
04:89:ac:16:2c:10:da:ab:89:77:c1:60:81:8a:b3:
25:a9:82:3e:7f:ab:6b:b9:d6:43:f0:98:07:20:50:
d6:eb:e1:07:c3:26:45:c0:db:9d:06:7e:0f:75:1e:
7d:14:36:40:b1:09:c3:64:13:2e:1c:72:9b:45:ca:
85:49:8b:9c:4d:4a:ff:2f:52:d6:8a:15:2a:4d:a3:
b2:e7:42:7b:e7:0e:e0:c3:1b:7e:b0:e9:7f:98:32:
cf:f3:13:20:ac:45:b0:2f:bd:ff:88:12:c9:6c:86:
f6:37:95:dc:cf:bb:b4:94:63:c4:42:f4:e1:45:39:
b9:c6:cc:c8:d2:1c:c5:79:ad:1a:09:c2:88:c4:5a:
00:6d:7a:64:ff:f7:cc:60:4c:52:ee:b0:1f:04:63:
54:1a:54:9d:30:e5:12:48:38:2d:85:c3:a8:a8:bc:
07:36:51:75:f9:17:0e:f6:8e:c9:1e:37:1c:56:90:
ce:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0B:BA:B8:8B:EB:53:86:12:C0:44:5B:AB:B2:31:84:46:AC:FD:09
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.58.0/24
82.21.112.0/24
82.21.116.0/24
82.21.126.0/24
82.21.165.0/24
82.22.143.0/24
82.22.157.0/24
82.22.186.0/24
82.23.188.0/24
82.23.191.0/24
82.47.198.0-82.47.201.255
82.47.205.0/24
84.75.189.0-84.75.191.255
Signature Algorithm: sha256WithRSAEncryption
2c:d7:03:14:62:47:8e:2a:fc:2d:f1:d7:39:b7:82:36:8f:8a:
2b:d0:d0:99:bc:90:92:fa:7e:49:13:82:02:bb:79:35:36:3e:
98:2f:22:e9:02:2e:9c:81:38:80:0d:0c:17:80:ad:aa:6e:5c:
63:79:2b:82:22:3c:72:a4:04:d4:3b:27:55:48:38:a7:f7:16:
6c:b6:f0:b5:ad:c5:18:0f:d0:82:e4:5e:97:40:09:e7:16:18:
85:e3:08:05:bd:74:9f:b7:41:c2:63:bb:5e:fc:96:82:a6:b0:
5d:73:2e:57:8d:5d:d0:ae:1e:10:0e:8a:ea:0f:2f:7c:a1:5f:
fa:f2:b5:6c:66:6d:cd:33:24:ad:79:e2:9c:13:5e:bd:e0:ce:
7d:e2:67:b4:33:95:52:d3:89:12:b1:b4:8a:c4:e1:71:71:03:
7e:ef:10:df:7b:90:67:84:7c:d2:46:41:8e:5f:9b:52:3e:86:
8e:cb:14:61:e6:50:88:96:fa:c0:a5:47:e7:09:4e:35:4e:50:
47:b1:2b:c4:49:87:63:49:5f:cb:aa:76:05:0b:f5:ed:45:2d:
dd:ba:bd:f3:cb:a8:ab:ff:47:55:8e:e1:82:25:c0:17:b5:b5:
44:46:65:d0:66:95:a0:fd:db:42:06:d7:b6:32:6f:17:17:4a:
2e:c7:a3:f7
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIUTXQPCEA7wSR+26K121080Lm+l0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MTUxMTE0NTRaFw0yNzA2MTQxMTE5NTRaMDMxMTAvBgNV
BAMTKDA2MEJCQUI4OEJFQjUzODYxMkMwNDQ1QkFCQjIzMTg0NDZBQ0ZEMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzotkr/hQFcjkZan5WqK4Tbu2+
YXk5BlmstjBgVnKzxi1MuJgW2Nwt2YREIDLAbPCxjsLjaL20rn0y0GUXidOznBuD
hD2LorkkuASJrBYsENqriXfBYIGKsyWpgj5/q2u51kPwmAcgUNbr4QfDJkXA250G
fg91Hn0UNkCxCcNkEy4ccptFyoVJi5xNSv8vUtaKFSpNo7LnQnvnDuDDG36w6X+Y
Ms/zEyCsRbAvvf+IEslshvY3ldzPu7SUY8RC9OFFObnGzMjSHMV5rRoJwojEWgBt
emT/98xgTFLusB8EY1QaVJ0w5RJIOC2Fw6iovAc2UXX5Fw72jskeNxxWkM7vAgMB
AAGjggJhMIICXTAdBgNVHQ4EFgQUBgu6uIvrU4YSwERbq7IxhEas/QkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwdwYIKwYBBQUHAQcBAf8EaDBmMGQEAgABMF4DBABSFToD
BABSFXADBABSFXQDBABSFX4DBABSFaUDBABSFo8DBABSFp0DBABSFroDBABSF7wD
BABSF78wDAMEAVIvxgMEAVIvyAMEAFIvzTAMAwQAVEu9AwQGVEuAMA0GCSqGSIb3
DQEBCwUAA4IBAQAs1wMUYkeOKvwt8dc5t4I2j4or0NCZvJCS+n5JE4ICu3k1Nj6Y
LyLpAi6cgTiADQwXgK2qblxjeSuCIjxypATUOydVSDin9xZstvC1rcUYD9CC5F6X
QAnnFhiF4wgFvXSft0HCY7te/JaCprBdcy5XjV3Qrh4QDorqDy98oV/68rVsZm3N
MySteeKcE1694M594me0M5VS04kSsbSKxOFxcQN+7xDfe5BnhHzSRkGOX5tSPoaO
yxRh5lCIlvrApUfnCU41TlBHsSvESYdjSV/LqnYFC/XtRS3dur3zy6ir/0dVjuGC
JcAXtbVERmXQZpWg/dtCBte2Mm8XF0oux6P3
-----END CERTIFICATE-----
Generated at Sat Jun 27 22:32:00 2026 by rpki-client